A client's trade secret goes into an AI tool in the course of ordinary work - a pricing model to analyze, a process to document, source code to debug. The tool keeps a copy: in the visible history, and usually in logs, telemetry, and backups you never see. Put that fact in front of a lawyer and the reaction splits two ways. One lawyer panics, certain the secret is now exposed. Another shrugs, certain the enterprise agreement covers it. Both are answering the wrong question.
Start with what retention does not do. A trade secret is not lost merely because someone else holds a copy. It is lost when it is disclosed to a party under no obligation to keep it secret, or made public. (Ruckelshaus v. Monsanto Co., 467 U.S. 986, 1002 (1984).) That line is no longer theory in this setting. In January 2026, a federal court dismissed a trade-secret claim because the plaintiff had built her claimed secrets inside consumer ChatGPT and pleaded no reasonable measure to keep them secret - a voluntary disclosure to a vendor under no alleged duty of confidence, and the secrecy element failed with it. (Trinidad v. OpenAI, Inc., No. 25-cv-06328-JST (N.D. Cal. Jan. 5, 2026).) The line is the obligation, not the copy. A vendor holding your input under confidentiality terms that actually reach it - the inputs, the outputs, the logs underneath - sits on the other side. The enterprise label is not what puts it there; the contract is. The secret survives the copy. The panicking lawyer is wrong, and the shrugging lawyer is, for the moment, right.
The problem is that "for the moment" is the whole point. Trade-secret protection is not a one-time clearance. It is a continuing condition - reasonable measures, maintained for as long as you want the secret (18 U.S.C. § 1839(3)). The contract has to outlive the copy. And there is a line of cases that makes the duration of the confidentiality obligation decisive. When the obligation expires, some courts have treated the trade-secret protection as expiring with it, and have read the expiration itself as evidence the owner stopped taking reasonable measures. (Silicon Image, Inc. v. Analogix Semiconductor, Inc., No. 07-cv-00635 JCS, 2008 WL 166950, at *16-17 (N.D. Cal. Jan. 17, 2008); D.B. Riley, Inc. v. AB Eng'g Corp., 977 F. Supp. 84, 91 (D. Mass. 1997).) Where an express agreement governs, it can displace any implied duty of confidence, so once it lapses there is nothing left underneath. (Marketel Int'l, Inc. v. Priceline.com, Inc., 36 F. App'x 423, 425 (Fed. Cir. 2002).) The clocks are not exotic. In one case the confidentiality obligation simply ran two years "from the date of this Agreement," which the court read from the signing date - so conduct after the window closed breached nothing. (Salesbrain, Inc. v. Angelvision Techs., No. 12cv05026, 2013 BL 391882, at *13 (N.D. Cal. Mar. 21, 2013).) And a long clock is still a clock: in D.B. Riley the confidentiality term ran ten years past the end of the contract, and the court read even that as proof the owner's own expectations of secrecy were time limited - the standard it invoked was "eternal vigilance."
Now put a vendor in the place of the recipient. No court has applied this duration line to an AI vendor's logs, and I will not pretend one has - this is the principle, not a holding. But the structure is identical. The vendor holds the copy under terms that have a duration. If that obligation is time-limited and lapses while the copy still sits in retained logs or backups, you are in the posture the cases punish: a secret still in someone's hands, no longer under an enforceable duty to keep it. The operational version of this even has a name - retention creep - where sensitive material persists in telemetry, logs, and backups long after the business reason for keeping it is gone.
Duration is the first prong. The second is deletion. Reasonable measures has never been only about the front door. Owners have lost on it for failing to get information returned or destroyed when a relationship ended. With a vendor, the analog is whether you hold an enforceable right to require deletion, and whether that right reaches the logs and backups rather than only the chat you can see. A right to require permanent deletion of inputs and outputs within a defined timeframe is a baseline enterprise term, not a luxury one. If you cannot compel deletion, you cannot later prove you took the measure - and the burden is yours. Trade secrets carry no presumption of validity; the owner has to establish that secrecy was reasonably maintained. (Synopsys, Inc. v. Risk Based Sec., Inc., 70 F.4th 759, 769 (4th Cir. 2023).)
Two honest limits. The duration line is not universal - a minority of courts have run it this hard, and the obvious fix, a perpetual obligation, is itself treated as an unreasonable restraint of trade in some states, which can void the agreement entirely. The drafting answer is standard bifurcation: confidential information generally survives for a fixed period, while trade secrets stay protected for as long as they remain trade secrets under applicable law. That is the clause to look for before the sensitive material goes in. So this is a risk to engineer around, not a rule to recite. But you do not want to be the test case, and on this element you litigate from behind.
What to actually check, on any tool that touches a client's crown jewels. Does the vendor's confidentiality obligation run indefinitely for trade-secret material, or does it sit on a clock the marketing never mentions. Do you hold a deletion right that reaches retained logs and backups, not just the visible thread. And for the most sensitive matters, does retention need to be bounded or eliminated at the outset, rather than cleaned up later. (Protecting a client's confidential information this way is part of the duty to make reasonable efforts against its disclosure - Model Rule 1.6(c); 37 C.F.R. § 11.106 before the USPTO.)
The contract review is not complicated. Pull three provisions and read them together: confidentiality survival, deletion or return, and what happens to retained logs and backups. If trade-secret material can sit in a log after the confidentiality obligation has expired, you have a duration problem. If the deletion right reaches only the visible chat and not the backups, you have a deletion problem. If backups are carved out with no destruction timeline, you have a proof problem - you cannot prove a measure you cannot enforce. Then read the amendment clause: if the vendor can revise any of those provisions unilaterally, you have a control problem - your diligence answered only for the terms as they stood that day.
The secret does not die because a vendor kept a copy. It dies because the obligation to keep that copy secret quietly ran out, or because you never had the right to make the vendor delete it. Those are the two things to fix, and neither is visible in the window you are typing into.
This is the trade-secret version of a larger shift. As AI moves from a chat window to agents that retrieve and move data on their own, the reasonable-measures question stops being about what you typed and becomes about what the system is allowed to reach. That piece is coming.
I am writing more about practicing law in the age of agentic AI - using these tools without surrendering judgment, privilege, or the duty of competence - at The Agentic Lawyer. www.theagenticlawyer.com
Educational only, not legal advice, and no attorney-client relationship is created. Views are my own. Attorney advertising in some jurisdictions.
